HackDig : Dig high-quality web security articles for hacker

Problem: How do you store a password but make it nearly impossible to recover the plaintext in the event that the database with the password hash is compromised?
When doing software development, it’s critical to review these functions. Having good development standards for your team will ensure that people store passwords properly and avoid mistakes th

An old friend once gave me some really valuable advice about reaching a goal. He said that you can’t get to where you’re going if you don’t know where you are. Over the years, I’ve found that to be true in a lot of situations. But I think it’s especially fitting in discussing GDPR readiness.
Know Where You Stand With GDPR Readin

As cyberthreats make headlines, companies across the globe are working hard to develop efficient IT infrastructures capable of protecting sensitive data and maintaining compliance with privacy regulations. Although it checks both of these boxes, many organizations have been hesitant to adopt encryption due to cost, operational impact, the complexity of key m

This is the first installment in a three-part series.
Blockchain-based applications will revolutionize the way people and organizations interact with each other and the Internet of Things (IoT) — and rightfully so. Based on the foundational principles of trust, blockchain has the potential to solve real-life business challenges within every sector. Permissio

People are beginning to get used to the easy life enabled by smart homes and the Internet of Things (IoT), but they are at risk if they do not prioritize security. The IoT has increased quality of life for many; it has helped the differently abled and the elderly to continue living independently and laid the technological groundwork for another industrial re

The intensifying regulation of cloud services has become a major threat to financial institutions’ growth and innovation. An overwhelming number of regional and jurisdictional mandates aimed at ensuring cloud security, data protection and privacy are consuming company resources. Compliance with these evolving and often conflicting regulatory demands ha

When implementing a new business plan or technology, it’s easy to draw parallels between coaching employees on best practices and coaching an athletic team in pursuit of a victory. Both require teamwork, extensive training and careful consideration of how the individual strengths of each player come together to create a cohesive working unit.
As the Ma

First responders have proven time and time again the valuable help they provide to people in need. Right now, we’re seeing their bravery with the historic hurricanes, fires and floods impacting millions of people. What makes first responders confident in the face of such danger? One word: practice. And this lesson is translating to the private sector i

As more companies suffer breaches and leak private data online, it becomes harder for organizations to be transparent and establish trust with their customers. Recent incidents have shown that many experts underestimated the total impact of a data breach in terms of the actual number of users affected and the volume of data made public. Many companies take t

October is European Cyber Security Month (ECSM). This marks the fifth anniversary of the initiative and builds on the activities started in previous years. The concept of a cybersecurity awareness month began in the U.S. 14 years ago with the aim of promoting cybersecurity for all computer users, from consumers to governments. Over time, many jurisdictions a

As organizations march into the digital age, data sprawl is accelerating. Information of all kinds is stored everywhere, accessed by multiple people many times a day and shared across corporate and international boundaries. Most organizations do not have a handle on data locations, ownership and flows outside of regulated or compliance-related information. T

News about POS malware breaches affecting two retailers hit the headlines last week, this time featuring a fast-food restaurant chain in the U.S. that operates around 3,500 locations across the country, most of which are franchised, and a popular supermarket.
Both entities, like others before them, were notified of suspicious activity by a third-party servic

Why It’s So Hard to Design Something Simple
In our previous blog post, Adam Nelson and I suggested that you set aside time with other people in your organization and familiarize yourselves with General Data Protection Regulation (GDPR) and its requirements. Have you done that yet? Don’t be embarrassed to admit that you haven’t. Because eith

National Cyber Security Awareness Month (NCSAM) starts Monday, Oct. 2. It’s a joint effort between private industry and public agencies to help companies and individuals make better cybersecurity choices. Here’s a look at the current state of cybersecurity and what NCSAM has planned this year.
An Evolving Outlook on Cybersecurity
2017 has been a

Data drives our businesses, economy and daily lives, so it comes as no surprise that data security needs to be a priority. But do we know what data we really have, where sensitive information is being collected and stored, what is happening with the data and where it is ultimately going? How do we build security around critical assets that we need to protect